On our website, securing a public address means making sure that no one can alter the password protected pdf file or the electrum wallet file which contains only your bitcoin public addresses, without you knowing. Why secure these pdf documents which only contain your public addresses, or these electrum wallet files which are ‘watching only’ wallets?
Picture this scenario. You have spent some money, and significant effort, to securely create and store 1000 bitcoin addresses from 40 seed phrases using Method 4, Method 5 or Method 6 on this website. Method 6 (VARIATION 2) by the way, is in our opinion the BEST and only acceptable way to store a large number of bitcoins.
These methods however are also cold storage or deep cold storage methods. This means it is inconvenient for you to view the pdf files that contain all the bitcoin public and private addresses every time you only want to deposit or send more bitcoins to them. The solution is to store a password protected pdf document with only the public addresses in a separate yet easily accessible location on your main computer or offline usb drive, or to use an electrum ‘watching only’ wallet. The plan is for you to access this easily accessible pdf document or ‘watching only’ wallet every time you wish to send bitcoins to one of your bitcoin addresses that are in the pdf files secured using Method 4, 5 or 6.
Ok, so what is the problem?
The problem is if someone somehow later manages to gain access to this less secured and easily accessible pdf or ‘watching only’ wallet file and somehow learns the password to it (in the case of the ‘watching only’ wallet file a password is not needed, since electrum doesn’t have a password option for these files). This individual can now easily create a fake pdf or fake ‘watching only’ wallet that looks the same as your authentic one but with different public addresses. They can then delete your authentic pdf or ‘watching only’ wallet files and replace them with their own. Every time you now unsuspectingly access this pdf or these wallet files and send bitcoins to the addresses in them which you believe to be yours, you are in fact sending them to the thief.
So how do we secure your public addresses and eliminate this danger?
HOW TO DO IT
The most obvious way to do this is to use a very strong password and only access the public-addresses-only pdf the same way you would access pdf files secured using Method 4 or 5. This means a 26-32 character password and only opening it in a newly created usb Linux operating system. In the case of the electrum ‘watching only’ wallets, you simply never keep them in your electrum program, and delete them every time after you have created them from the public-addresses-only pdf file. The problem with this however, as mentioned earlier, is that it is unnecessarily more work to access the pdf files, as the Linux operating system needs to be used every time, and you might as well not have a public-addresses-only pdf and use the original pdfs that contain the seeds.
A good solution to this though is to use a regular 10-14 character password for the public-addresses-only pdf file and then email yourself, on the date you actually created the pdf file, the exact same password protected copy of your pdf file. Every time you plan to send bitcoins to addresses in the pdf file with only the public addresses, you should open your email and download the duplicate copy and check they are the same. The easiest way to check is to do a SHA512 checksum of both files using ‘QuickHash-Windows-v2.6.9.2’ or another hashing program. Generally speaking, emails and attachments on these emails which have been sent previously are fairly difficult, if not impossible to change, and it would be hard for someone without administrator level access to the email servers to fake these.
If you are prepared to spend some satoshi however (satoshi = smallest bitcoin unit), and would like another or additional verification method, you can do the following to secure your public addresses. You will basically make actual entries on the bitcoin blockchain by sending near the minimum permitted amount (but a specific amount) of bitcoin to the first and second address of each wallet file you have created that was generated from a seed (or a master public key). You will use a different random sending address for each of the two entries. The specific amount you choose will be the first 4 numbers of the bitcoin sending address which you have sent the bitcoins from (ignoring all letters, ignoring the first 1, and ignoring all ‘zeros’ immediately next to the first 1). So for example, if the first bitcoin sending address is 15EjXPswh14FgZTizw2zjPNMhVSLLN7miL and the second bitcoin sending address is 13mKe82VDAuj5f8WZB3byDJEzPYSWke4Hy you would send 5142 satoshi to the first address of the wallet, and 3825 satoshi to the second address of the wallet. Don’t use a sending address combination if the two satoshi amounts added together are less than 6000 satoshi.
All past entries on the bitcoin blockchain (past 6 confirmations) are impossible to change and, if you make entries like those shown above, should be very costly to fake in advance owing to the massive number of possible combinations (estimated at minimum 6000 BTC per day faked not yet including transaction fees*). After marking them, every time you send any money to any of your bitcoin addresses, you would check beforehand at https://blockchain.info/ that the details of the two marked addresses for that set of addresses match the details you remember having used (date and amounts in particular), and that the 4 numbers value of each sending address matches the amount.
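The marking rule and the check described above can be written down as follows. This is an added example, not code from this website: the function names are hypothetical, the rule is assumed to apply to sending addresses that start with 1 (as both examples above do), and the observed amounts are assumed to be typed in by hand from a block explorer.

```python
# Added illustration of the marking rule; function names are hypothetical.
MIN_COMBINED_SATOSHI = 6000  # pairs whose amounts sum to less are not used

# The two sending addresses used as the example in the text above.
PAGE_SENDERS = [
    "15EjXPswh14FgZTizw2zjPNMhVSLLN7miL",
    "13mKe82VDAuj5f8WZB3byDJEzPYSWke4Hy",
]


def marker_amount(sending_address: str) -> int:
    """Satoshi amount encoded by a sending address under the rule above."""
    if not sending_address.startswith("1"):
        # Assumption: the rule is only defined for addresses beginning with 1.
        raise ValueError("expected a sending address that starts with '1'")
    # Ignore all letters: keep only the decimal digits, in order.
    digits = "".join(ch for ch in sending_address if ch in "0123456789")
    # Ignore the first 1 and any zeros immediately next to it.
    remaining = digits[1:].lstrip("0")
    if len(remaining) < 4:
        raise ValueError("fewer than four usable digits; pick another address")
    return int(remaining[:4])


def pair_is_usable(first_sender: str, second_sender: str) -> bool:
    """Apply the rule that the two amounts must add up to at least 6000."""
    total = marker_amount(first_sender) + marker_amount(second_sender)
    return total >= MIN_COMBINED_SATOSHI


def marks_match(senders, observed_amounts) -> bool:
    """Compare amounts read off a block explorer with what the senders encode.

    senders[0] funded the wallet's first address, senders[1] its second.
    Any address that fails the rule counts as a mismatch, never as a pass.
    """
    try:
        expected = [marker_amount(addr) for addr in senders]
    except ValueError:
        return False
    return list(observed_amounts) == expected


if __name__ == "__main__":
    print([marker_amount(a) for a in PAGE_SENDERS])
    print(pair_is_usable(*PAGE_SENDERS))
    print(marks_match(PAGE_SENDERS, [5142, 3825]))
```

A mismatch from `marks_match` means the addresses in front of you should be treated as unverified until they are compared against the cold storage copy.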
Try to mark the addresses on the same day they were first generated to make it easier to remember the sending date. The sending amounts should be easy to remember as they will be the same two amounts for every two addresses you have marked for each wallet (or ever marked if you use the same two sending addresses every time). If you have another standard (not watching only) electrum wallet open in the program, marked with the same sending addresses, you can just compare it to that one. Of course in this case you could also just check that the first sending addresses are the same. Only mark the first two public addresses of each wallet file with two different sending addresses and then, to avoid ever using these addresses again, freeze them in the electrum program (right click address then click ‘Freeze’). Only mark the first two addresses of an electrum wallet generated from a seed, or the first two addresses of an electrum ‘watching only’ wallet generated from a ‘Master Public Key’. Don’t store on your computer ‘watching only’ wallets generated from only the ‘Public Addresses’ since you can’t be sure all the addresses are from the same seed without checking.
At the end of the day, if there is ever any doubt that the public addresses aren’t yours then don't use them until you check either your TrueCrypt pdf file, or the Master usb in deep cold storage with both the private and public addresses.